Data Subject Rights
This right allows you to find out if a company has your personal information and get a copy of it.
What is the right to access?
Collecting only the data you need is an example of this privacy principle.
What is data minimization?
Under the JDPA, this is the regulator that oversees compliance in Jamaica.
What is the Information Commissioner?
This is the month many countries celebrate Data Privacy Day.
What is January?
An individual whose personal data is processed is called this.
What is a Data Subject?
The JDPA and GDPR both allow you to request corrections to inaccurate information with this right.
What is the right to rectification?
Under both acts, organizations should only hold personal data for as long as this.
What is necessary (storage limitation)?
Under GDPR, organizations may have to appoint this role to oversee privacy compliance.
What is a Data Protection Officer (DPO)?
The organization that determines why and how data is processed.
What is a Data Controller?
You can ask a company to delete your data in certain circumstances using this right, sometimes called “the right to be forgotten.”
What is the right to erasure?
Keeping data accurate and up to date reflects this GDPR and JDPA principle.
What is accuracy?
This document, required under both laws, outlines how an organization processes personal data.
What is a Privacy Notice/Privacy Policy?
What does the acronym ‘GDPR’ stand for?
What is General Data Protection Regulation?
This word describes information relating to an identified or identifiable person.
What is Personal Data?
This right lets you object to your data being used for marketing.
What is the right to object (to processing for direct marketing)?
The obligation to be open and honest about what you do with people's data is known as this.
What is transparency?
These must be carried out when new technology or procedures could threaten people’s privacy.
What are Data Protection Impact Assessments (DPIAs)?
This means any operation performed on personal data, like collecting, storing, or deleting it.
What is Processing?
Under both laws, you can ask organizations to stop processing your data temporarily using this right.
What is the right to restrict processing?
Organizations must ensure appropriate security to prevent unauthorized access to data, called this principle.
What is integrity and confidentiality (security)?
Within this time frame, breaches must be reported to authorities under GDPR/ JDPA.
What is 72 hours?
Why can’t privacy laws throw surprise parties?
Because they always require prior consent!
This is required to process sensitive personal data under both GDPR and JDPA.
What is Explicit Consent?